The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.Resolved: Release in which this issue/RFE has been resolved.Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

Basic Authentication fails with multiple realms.
I setup of two realms on apache server . Both realms have different user databases. When I set Authenticator.setDefault() to one realm's user and then try to access the resource existing in second realm thru HttpURLConnection, then it throws the following exception.
java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
at java.util.LinkedList.entry(LinkedList.java:356)
at java.util.LinkedList.get(LinkedList.java:299)
at sun.net.www.protocol.http.PathMap.get(AuthenticationInfo.java:375)
at sun.net.www.protocol.http.AuthenticationInfo.getAuth(AuthenticationInfo.java:181)
at sun.net.www.protocol.http.AuthenticationInfo.getServerAuth(AuthenticationInfo.java:171)
at sun.net.www.protocol.http.HttpURLConnection.getServerAuthentication(HttpURLConnection.java:951)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:611)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:238)
at BasicAuthTestCase.main(BasicAuthTestCase.java:34)
How to reproduce it:
====================
1. Take the attached BasicAuthTestCase.java
2. Need to setup two realms on apache(or may be any other server) . Both will be having two different user lists.
For example I have like...
realm -> AuthCheck/ -> It has a list of users
realm -> NoAuth/ -> It has a list of users
3. Execute the attached code
Output:
------
java BasicAuthTestCase
Response url1: 401 ---> Accessed before setting Authenticator.setDefault()
npath = /AuthCheck/
opath = /AuthCheck/
second Response url1: 200 --> After setting user info
java.lang.IndexOutOfBoundsException: Index: 0, Size: 0 --> {Tried to access second realm }
at java.util.LinkedList.entry(LinkedList.java:356)
at java.util.LinkedList.get(LinkedList.java:299)
at sun.net.www.protocol.http.PathMap.get(AuthenticationInfo.java:375)
at sun.net.www.protocol.http.AuthenticationInfo.getAuth(AuthenticationInfo.java:181)
at sun.net.www.protocol.http.AuthenticationInfo.getServerAuth(AuthenticationInfo.java:171)
at sun.net.www.protocol.http.HttpURLConnection.getServerAuthentication(HttpURLConnection.java:951)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:611)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:238)
at BasicAuthTestCase.main(BasicAuthTestCase.java:34)

EVALUATION
This only happens when the two realms have the same "realm string" so
to speak, which would be unusual in practice, but it does
expose an erroneous assumption in the source code, which causes
the crash.
The solution is simply to check for an empty linked list
and return null
AuthenticationInfo.java:
370c370
< if (list == null) {
---
> if (list == null || list.size() == 0) {
###@###.### 2002-05-02